Practical Management

The MCSA has been portrayed by some as just another marketing campaign
to bolster the MCP program. There’s probably some truth to this, but it
also happens to address a real issue in the day-to-day management of IT
systems. This practicality will mark the success of this new certification.
The MCSA certification has the distinct possibility of numerically overshadowing
the MCSE in that there’s a larger market for network administrators than
network engineers. It also clarifies a valid distinction: The operation
of an information system takes a different mind set and skill set than
the design and deployment of an information system. By formalizing this
distinction through the certification program, Microsoft has ensured that
HR departments throughout the world will have comparison guidelines to
measure potential candidates to fill relevant positions. On the other
side of the fence, it also provides IT professionals a roadmap with more
options to pursue their interests and to plot their personal career path.

The live version of 70-218 consists of the usual number of questions
within the usual time period (unless it’s delivered in the adaptive format).
What struck me about the test was that the questions were clearly written,
and the options for the questions weren’t esoteric or confusing. It’s
a good test. If you understand the material, then the correct answers
will rise from the page. The only problem I had was a technical one with
the delivery of the test itself. Near the very end, my machine crashed.
I was a little disturbed at the prospect of spending a few more hours
retaking the exam (the beta exam provided four hours to cover the extra
questions, as a beta always includes), but the auditor rebooted my machine.
When I logged into the test, it brought me right back to the question
I was on.

But what to study? After this article, the preparation guide at www.microsoft.com/train
cert/exams/70-218.asp is the next best step. If you feel comfortable
with the topics listed in the “skills being measured section,” by all
means go for it. If there are areas in which you know you’re deficient,
hit the books. With that seemingly obvious understanding in mind, let’s
take a look at the following areas you should self-evaluate before you
plunk down your $125 or the voucher your company gave you.

MCSA
Exam (70-218)

Reviewer’s Rating
“What struck me about the test was that the questions
were clearly written, and the options for the questions
weren’t esoteric or confusing. It’s a good test. If
you understand the material, the correct answers will
rise from the page.”

Exam Title
Managing a Windows 2000 Network Environment.

Current Status
Live as of January 2002.

Who Should Take It
Candidates working in medium to large computing environments
that use Windows 2000 network and directory services.
Candidates should have at least six months of experience
administering and supporting Win2K server and client
operating systems that use Active Directory. Core credit
for the MCSA certification. Also serves as an elective
credit for the MCSE.

Permissions
What happens when you add a user to multiple groups and then add different
permissions to each group as they’re applied to a resource? What’s the
best or most efficient way to apply permissions to a resource? There are
quite a few of these types of questions, as there should be. Be able to
deal with the nuances of NTFS and FAT, along with the behavior of encrypted
files in each environment and what happens to the characteristics of files
as they move to and from each file system.

Tip: Be able to recognize the various methods of how to recover an
encrypted file when the original owner of the file is no longer available
to help with the task. The technical details aren’t as important here
as the fundamental concepts.

Subnet MaskingOddly enough, there’s quite a bit of subnetting in the exam. This
is surprising because the certification is aimed at administration, not
design. However, you need to know if a network addressing configuration
will work and which hosts are valid on a given subnet. While it’s important
to understand the basics of IP architecture and configuration, an argument
could be made that it goes too far here. However, I’ve never heard of
a test-taker winning an argument with a test, so you’d better understand
how to balance the number of hosts and networks within a given network.
The examples are quite straightforward, but if you don’t understand how
the bits should fall behind a subnet mask, you won’t even know where to
begin.

The linchpin of the new Microsoft Certified Systems
Administrator credential is, of course, exam 70-218,
Managing a Microsoft Windows 2000 Network Environment.
In addition, you need to pass two other tests:

RoutingUnderstand the purpose of a default gateway and where the configuration
occurs. Be able to locate the configuration when displayed with tools
(such as ipconfig) and know the implications if any of the entries are
incorrect at the client. The other important concept to understand is
how the route command works. You don’t need to know the syntax of the
command, as is the case with other tests, but you do need to know how
an entry in a route table affects communication between multiple networks.
You also need to know which changes in the route table will resolve the
problem in the question. For example, the network you want to reach through
a router should be associated with the address of the router interface.

Tip: Get up to speed on tools such as tracert and how to use the results
to troubleshoot communication problems.

Organizational UnitsYou need to know when to break people into different Organizational
Units and how this affects the delegation of administrative permissions.
Expect scenarios with multiple OUs between which you delegate administrative
permissions in the directory. You’ll be expected to know the most efficient
and restrictive method for applying specific administrative permissions
through the application of policies. Understand the implication of blocking
upstream policies and how policies flow through the directory tree.

Tip: Know how to create accounts and troubleshoot the implications
of their inclusion into specific groups. Keep in mind the scope, type
and nesting implications of groups.

Remote AccessAs more people work on the road and at home, remote access continues
to grow as an important administrative area of network management. This
is reflected in the exam. Make sure you know how to provide permissions
to remote connections, as well as understand how to give users access
to resources across the remote connection. For example, under what circumstances
would you use a VPN? How would you configure it?

Tip: Be familiar with the basic configuration of NAT, ICS and Terminal
Services. For example, which of the two NICs do you configure for ICS
or NAT? It doesn’t get much deeper than this in each of these areas, but
you need to know the broad landscape.

System Monitor
As a network administrator you must deal with performance issues over
time, and the exam reflects this. Understand the relationships between
the disk, NIC, memory and the CPU. When do you add one of these resources
over the other?

Tip: You need to be able to read the results of the system monitor,
both in a table and a graph, and be able to determine which resource is
the bottleneck in each scenario. For example, under which circumstances
would you add more memory over a new CPU?

Web ServicesKnow the differences and relationships between FTP services and
Web services. How do you apply permissions to users of FTP and Web services?
What are the ports necessary for these services to function, and which
port is associated with each service?

Tip: Make sure you know when and why to add a virtual directory or
virtual server.

DNS, DHCP and WINSName resolution is a critical aspect of Windows 2000 functionality.
You need to understand the effects of DNS placement and know what happens
when DNS isn’t providing the proper name-to-IP address mappings. Know
how to read the results of nslookup and when to use it and be sure to
understand the difference between DNS and WINS and under which circumstances
WINS is necessary to provide name resolution on the network. Make sure
you can tackle questions on DHCP that cover server placement, the implications
of the bootp protocol, and when to use relay agents.

Tip: Brush up on how to authorize a DHCP Server and what the implications
are if you bring an unauthorized DHCP server up on a Win2K network. And,
yes, you may even have to understand what an LMHOST file will do for you.
(Will NetBIOS never die?)

10
Things to Practice

1. Assign and Publish resources in Active Directory.

2. Create a software deployment share.

3. Edit and link a GPO.

4. Create a virtual directory and virtual server in
IIS.

5. Configure and give access permissions to the FTP
service.

6. Work on some subnetting problems.

7. Study Route Tables.

8. Configure NAT and ICS.

9. Create shares and assign permissions to these resources.

10. Set up relay agents for DHCP and WINS.

Odds and EndsThe other basics covered are how to install hardware and software.
This means you must know how the hardware wizard works and whether to
create separate service pack and hotfix packages for machines already
deployed. When would you use the Recovery Console rather than Safe Mode?
How should you manage Win2K updates? (This is an important issue for administrators
in light of how many Win2K hotfixes are posted on the Web.)

The test is really a broad amalgamation of existing exams. Microsoft
recommends that candidates have six to 12 months of experience working
with the desktop and network infrastructure. This isn’t really a great
deal of time and, in many companies, you may find yourself so specialized
that you might not have a chance to work on all of the areas covered on
the exam. The reality is that, with each individual, there will be some
paper certification in some areas of the test. A key point is that it
covers a lot of topics, but none too deeply. Understanding the basic concepts
and how to apply them will go a long way in helping you pare down the
options and find the correct answers.

An MCSE should be able to pass this test, but it’s questionable if the
purpose of the MCSA is really in an MCSE’s best interest. There are always
those who like to have as many acronyms behind their names as possible;
if this is you, then by all means add another one. However, if you’re
relatively new to the certification world or haven’t reached the MCSE
plateau yet, this is a good place to be and may create the distinction
that you’re looking for in today’s marketplace. Besides, if you’re among
the first 5,000 candidates to complete this certification, you’ll receive
a special-edition Charter Member MCSA wallet card and a special certificate
you can use to impress your friends. I know more than a few competitive
people who would love to add this gem to their collection.

Bragging rights aside, the one good reason for you to take this exam
is to move your professional peg one step higher and increase the odds
that you’ll stand out from the pack vying for that Win2K administrator’s
job. Good luck.